Australian telecoms giant Optus said it was able to access current and former customer data after a cyber attack on its systems.
Optus said in a press release Thursday that an unspecified number of customer names, dates of birth, phone numbers, email addresses and addresses and identity document numbers, such as driver’s license or passport numbers, were taken in the breach.
The telco did not say when the breach occurred, but believes the incident is over.
Optus is a subsidiary of Singapore-owned Singtel and is Australia’s second largest telecommunications company, with approximately 10 million customers.
The Australian Signals Directorate, the equivalent of the US National Security Agency, was notified of the incident.
Telecom, telephone and mobile giants are a common target for their role in every country’s critical infrastructure. State-backed hackers have been known to break into telcos looking for phone data to spy on critics and carry out espionage, while criminal hackers, such as SIM swappers, often rely on breached data and insider access to exploit social engineering carry out attacks that convince customer support or employees to hand over access to their systems.
Optus is the latest major telco to be hit by hackers in recent years. In 2015, Australian telco Telstra said the internal network of its submarine cable company Pacnet had been compromised for weeks, with hackers gaining access to its email and other internal company systems.
In the United States, T-Mobile announced its seventh network breach earlier this year after hackers from the Lapsus$ cybercrime group stole the telco’s source code. Last year, the second-largest cellular carrier in the US said at least 47 million customers had personal information stolen by hackers.